Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/7x74PlGBpAa7JY28W64yePurPr8.roa
File: 7x74PlGBpAa7JY28W64yePurPr8.roa (raw, json)
Hash identifier: g8ZGv+bqReoph51jY0c7fkmNw3v6nnjb+yudLFpmb8E=
Subject key identifier: EF:1E:F8:3E:51:81:A4:06:BB:25:8D:BC:5B:AE:32:78:FB:AB:3E:BF
Certificate issuer: /CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
Certificate serial: 018CC2DAB50A6B6DB9D0F9F79A1D230DD6CE
Authority key identifier: DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/7x74PlGBpAa7JY28W64yePurPr8.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49273
IP address blocks: 188.113.227.0/24 maxlen: 24
188.113.230.0/24 maxlen: 24
188.113.231.0/24 maxlen: 24
188.113.228.0/24 maxlen: 24
188.113.229.0/24 maxlen: 24
188.113.233.0/24 maxlen: 24
188.113.232.0/24 maxlen: 24
188.113.234.0/24 maxlen: 24
188.113.237.0/24 maxlen: 24
188.113.238.0/24 maxlen: 24
188.113.235.0/24 maxlen: 24
188.113.236.0/24 maxlen: 24
188.113.240.0/24 maxlen: 24
188.113.239.0/24 maxlen: 24
188.113.246.0/24 maxlen: 24
188.113.241.0/24 maxlen: 24
188.113.244.0/24 maxlen: 24
188.113.245.0/24 maxlen: 24
188.113.242.0/24 maxlen: 24
188.113.243.0/24 maxlen: 24
188.113.247.0/24 maxlen: 24
188.113.248.0/24 maxlen: 24
188.113.251.0/24 maxlen: 24
188.113.252.0/24 maxlen: 24
188.113.249.0/24 maxlen: 24
188.113.250.0/24 maxlen: 24
188.113.253.0/24 maxlen: 24
188.113.254.0/24 maxlen: 24
188.113.255.0/24 maxlen: 24
188.113.192.0/24 maxlen: 24
188.113.195.0/24 maxlen: 24
188.113.196.0/24 maxlen: 24
188.113.193.0/24 maxlen: 24
188.113.194.0/24 maxlen: 24
188.113.199.0/24 maxlen: 24
188.113.197.0/24 maxlen: 24
188.113.198.0/24 maxlen: 24
188.113.202.0/24 maxlen: 24
188.113.203.0/24 maxlen: 24
188.113.200.0/24 maxlen: 24
188.113.201.0/24 maxlen: 24
188.113.206.0/24 maxlen: 24
188.113.204.0/24 maxlen: 24
188.113.205.0/24 maxlen: 24
188.113.209.0/24 maxlen: 24
188.113.210.0/24 maxlen: 24
188.113.207.0/24 maxlen: 24
188.113.208.0/24 maxlen: 24
188.113.213.0/24 maxlen: 24
188.113.211.0/24 maxlen: 24
188.113.212.0/24 maxlen: 24
188.113.218.0/24 maxlen: 24
188.113.219.0/24 maxlen: 24
188.113.216.0/24 maxlen: 24
188.113.217.0/24 maxlen: 24
188.113.214.0/24 maxlen: 24
188.113.215.0/24 maxlen: 24
188.113.224.0/24 maxlen: 24
188.113.221.0/24 maxlen: 24
188.113.222.0/24 maxlen: 24
188.113.226.0/24 maxlen: 24
188.113.225.0/24 maxlen: 24
185.208.177.0/24 maxlen: 24
185.208.176.0/24 maxlen: 24
185.208.178.0/24 maxlen: 24
185.208.179.0/24 maxlen: 24
45.153.67.0/24 maxlen: 24
45.153.65.0/24 maxlen: 24
45.153.66.0/24 maxlen: 24
45.153.60.0/24 maxlen: 24
45.153.63.0/24 maxlen: 24
45.153.64.0/24 maxlen: 24
45.153.61.0/24 maxlen: 24
45.153.62.0/24 maxlen: 24
2a02:f7c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/2mUl3kqm0Moa572O4eNb_SaWSbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/2mUl3kqm0Moa572O4eNb_SaWSbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b5:0a:6b:6d:b9:d0:f9:f7:9a:1d:23:0d:d6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef1ef83e5181a406bb258dbc5bae3278fbab3ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0b:3d:de:a3:a8:e5:5c:f6:ad:b9:9f:ab:e6:
d5:60:76:60:32:0c:da:df:89:aa:35:ff:46:d6:69:
bc:8d:8e:e7:83:7b:6e:03:04:ad:05:ca:7b:eb:d4:
d6:a1:a9:1f:08:ac:8e:6b:e0:c8:6a:48:18:1d:88:
cd:43:ae:1a:9d:dc:5d:aa:c9:63:d6:ad:69:12:ca:
32:ee:c1:40:38:cd:ee:9f:e5:86:cf:bd:82:03:04:
68:de:af:83:6a:55:95:be:df:17:74:31:cb:f4:83:
49:d5:7f:79:31:75:0d:c8:06:9e:84:b3:53:66:ff:
c1:da:62:e7:3b:d6:33:31:76:dd:2d:53:8d:90:cd:
fd:90:3f:cb:51:96:75:1e:24:e2:7a:d3:b3:75:bb:
0c:40:46:1a:fc:1f:aa:6d:27:64:da:ae:32:75:ad:
b3:d3:78:36:93:84:2c:2b:e3:52:9b:88:a4:6b:63:
26:1a:18:8c:a5:05:59:a5:29:b8:76:5e:b3:b2:f6:
6b:87:d5:ae:f5:71:a3:27:02:3b:5f:62:7b:19:88:
6a:97:cc:4d:29:ff:25:08:ae:cb:c6:08:21:53:25:
2b:72:91:4e:0d:85:f9:69:42:d1:37:ec:17:2c:74:
55:26:96:97:95:c7:e7:82:11:82:7c:0b:0f:5b:f4:
61:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:1E:F8:3E:51:81:A4:06:BB:25:8D:BC:5B:AE:32:78:FB:AB:3E:BF
X509v3 Authority Key Identifier:
keyid:DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/7x74PlGBpAa7JY28W64yePurPr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/2mUl3kqm0Moa572O4eNb_SaWSbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.60.0-45.153.67.255
185.208.176.0/22
188.113.192.0-188.113.219.255
188.113.221.0-188.113.222.255
188.113.224.0/19
IPv6:
2a02:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
65:54:45:1b:21:41:76:61:92:f2:66:f7:0c:2e:23:0b:12:c6:
90:11:ac:42:c3:b0:66:eb:c4:23:3b:6d:4d:ce:44:61:80:98:
32:47:f1:3d:8c:ec:ea:6f:c9:48:af:74:53:02:c6:db:52:ec:
26:3e:34:a8:c3:86:38:36:3b:c0:52:6c:38:59:bd:90:f3:9b:
2a:ae:4c:bb:e1:de:02:4c:2e:fc:dc:9e:d6:7b:55:cb:04:90:
79:3e:3c:67:af:62:50:15:fd:ae:c9:85:e7:9f:75:2b:32:74:
20:a2:87:fd:24:d1:5c:00:c6:42:77:b2:ab:09:08:7d:65:4b:
7c:18:d4:da:9e:66:34:17:29:3c:bd:df:8e:cb:55:f6:e7:eb:
8b:96:06:8d:c8:6a:60:5b:b5:fe:e9:b9:e2:8e:7f:a2:98:65:
a2:a0:6f:56:64:d4:42:5d:9b:1b:b1:e8:dc:d3:30:f7:38:36:
b2:5d:99:39:90:52:51:92:c7:8c:6d:33:46:22:0f:c3:a4:df:
f9:fa:6d:ef:82:8a:18:b1:35:53:72:50:39:34:43:58:1e:2c:
b7:7a:dd:02:7b:4c:4b:cf:45:ae:00:5c:d9:08:0a:31:88:dc:
7c:4c:b9:45:e3:3f:f4:6b:56:9b:e0:63:f4:97:4d:ad:8c:30:
74:37:27:c1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzC2rUKa2250Pn3mh0jDdbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjUyNWRlNGFhNmQwY2ExYWU3YmQ4ZWUxZTM1YmZkMjY5
NjQ5YmIwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjFlZjgzZTUxODFhNDA2YmIyNThkYmM1YmFlMzI3OGZiYWIzZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiws93qOo5Vz2rbmfq+bVYHZgMgza
34mqNf9G1mm8jY7ng3tuAwStBcp769TWoakfCKyOa+DIakgYHYjNQ64andxdqslj
1q1pEsoy7sFAOM3un+WGz72CAwRo3q+DalWVvt8XdDHL9INJ1X95MXUNyAaehLNT
Zv/B2mLnO9YzMXbdLVONkM39kD/LUZZ1HiTietOzdbsMQEYa/B+qbSdk2q4yda2z
03g2k4QsK+NSm4ika2MmGhiMpQVZpSm4dl6zsvZrh9Wu9XGjJwI7X2J7GYhql8xN
Kf8lCK7LxgghUyUrcpFODYX5aULRN+wXLHRVJpaXlcfnghGCfAsPW/RhXQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFO8e+D5RgaQGuyWNvFuuMnj7qz6/MB8GA1UdIwQY
MBaAFNplJd5KptDKGue9juHjW/0mlkm7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYt
ZWVkZjc2MDc3ZjA5LzEvN3g3NFBsR0JwQWE3SlkyOFc2NHllUHVyUHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYtZWVkZjc2MDc3ZjA5
LzEvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAItmTwD
BAItmUADBAK50LAwDAMEBrxxwAMEArxx2DAMAwQAvHHdAwQAvHHeAwQFvHHgMA0E
AgACMAcDBQAqAvfAMA0GCSqGSIb3DQEBCwUAA4IBAQBlVEUbIUF2YZLyZvcMLiML
EsaQEaxCw7Bm68QjO21NzkRhgJgyR/E9jOzqb8lIr3RTAsbbUuwmPjSow4Y4NjvA
Umw4Wb2Q85sqrky74d4CTC783J7We1XLBJB5Pjxnr2JQFf2uyYXnn3UrMnQgoof9
JNFcAMZCd7KrCQh9ZUt8GNTanmY0Fyk8vd+Oy1X25+uLlgaNyGpgW7X+6bnijn+i
mGWioG9WZNRCXZsbsejc0zD3ODayXZk5kFJRkseMbTNGIg/DpN/5+m3vgooYsTVT
clA5NENYHiy3et0Ce0xLz0WuAFzZCAoxiNx8TLlF4z/0a1ab4GP0l02tjDB0NyfB
-----END CERTIFICATE-----
Generated at Mon Jul 1 14:24:41 2024 by rpki-client on console-fra.rpki-client.org